Lucene search
IBMA6ACE0DB0767D489D5B7B076A2901B470CB327011EE9912B1BE72CACE75B5A51HistorySep 20, 2023 - 12:42 p.m.
Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server Liberty is vulnerable to Identity Spoofing (CVE-2022-22476)
2023-09-2012:42:21
www.ibm.com
15
Summary
IBM WebSphere Application Server Liberty and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. This affects The IBM® Engineering Lifecycle Engineering product using WebSphere Application Server Liberty versions 22.0.0.7 and prior.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| ELM | 7.0.2 |
| ELM | 7.0.1 |
Remediation/Fixes
Versions Affected: 17.0.0.3 - 23.0.0.5
If any of the mentioned affected product is deployed on one of the above versions, Please follow the instruction given in the following article.
Link : <https://www.ibm.com/support/pages/node/6602015>
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm engineering lifecycle management base | eq | 7.0.1 | |
| ibm engineering lifecycle management base | eq | 7.0.2 |
Related
ibm
ibm
Security Bulletin: IBM CICS TX Advanced is vulnerable to identity spoofing due to IBM WebSphere Application Server Liberty (CVE-2022-22476)
2023-02-14 21:04:36
osv
osv
CVE-2022-22476
2022-07-08 18:15:09
prion
prion
Design/Logic Flaw
2022-07-08 18:15:00
nessus
nessus
cve
cve
CVE-2022-22476
2022-07-08 18:15:00
Related for A6ACE0DB0767D489D5B7B076A2901B470CB327011EE9912B1BE72CACE75B5A51